On LinkedIn
Your AI agents are your most privileged users. You just haven’t treated them that way yet.
Here’s a scenario that plays out every week: a sales team deploys a CRM agent. It gets broad read access because that was easiest. Nobody scoped it, nobody documented it. Three months later, nobody can tell you what it accessed, what decisions it made, or whether it ever touched an external API it shouldn’t have. It’s running. It’s trusted. It’s invisible.
That’s not a technology failure. That’s the same governance failure we solved for human users fifteen years ago — and we’re repeating it at machine speed.
When Palo Alto Networks announced the Portkey acquisition this week, Nikesh Arora called it directly: AI agents are “privileged insiders, reasoning and executing on behalf of users and companies.” Portkey, valued at an estimated $120–140M, double its February number, already processes trillions of tokens per month. Agent to system. Agent to API. Agent to agent. Almost all of it unmonitored.
The Portkey + Idira combination is PAN’s structural answer: Portkey inspects and governs every AI interaction at runtime; Idira gives every agent a managed identity with scope, lifecycle, and revocation built in. One is the checkpoint. The other is the identity card. Zero trust, extended to non-human identities.
Where this lands:
Short term: Portkey becomes Prisma AIRS’s AI Gateway — runtime inspection, audit trail, policy at the point of execution.
Medium term: Cortex XSIAM picks up agent telemetry. Anomalous behavior becomes a SOC ticket instead of a forensic mystery.
Longer term: SASE and NGFW enforce agent policy at the network edge — the same governance engine, extended to machines.
Can you tell me what your AI agents did last Tuesday?
If the answer is no — that’s your next project.
